Zyrkahttps://www.zyrka.com
Mon, 19 Mar 2018 16:07:49 +0000en-UShourly1https://wordpress.org/?v=4.7.9Netflix To Release More Parental Controls To Help Parentshttps://www.zyrka.com/2018/03/19/netflix-to-release-more-parental-controls-to-help-parents/
https://www.zyrka.com/2018/03/19/netflix-to-release-more-parental-controls-to-help-parents/#respondMon, 19 Mar 2018 15:00:00 +0000https://www.zyrka.com/2018/03/19/netflix-to-release-more-parental-controls-to-help-parents/If you have a Netflix account and children living at home, there's a reason to cheer about the company's most recent announcement. They're rolling out some robust new parental control features ...]]>If you have a Netflix account and children living at home, there's a reason to cheer about the company's most recent announcement. They're rolling out some robust new parental control features that will allow you to exert much more control over what your children are watching.

You can now set content-specific PINs to lock movies or TV shows. So for example, if you don't want your children watching "Zombeavers" (yes, that's a real movie, by the way), you could lock that content with a PIN. This is in addition to the existing controls Netflix offers that allow parents to set broad PIN-based protections that block content at specified maturity levels.

Additionally, the company has stated that it will start displaying these maturity level designations at the start of each program to give parents greater awareness of what their children are watching. The changes are slated to be rolled out over the next few months.

It's probably not a coincidence that the rollout of these changes is slated to coincide with Disney's planned launch of their own kid-friendly streaming service.

It's worth noting that Netflix and Disney reached a streaming agreement back in 2012, which didn't go into effect until 2016. Disney has stated their intention to end the deal beginning with films released in 2019. For their part, Netflix will retain the right to show older Disney films until the end of 2019.

Netflix has been the King of the video streaming hill for a long time, but the company is coming under increasing pressure from a growing number of competitors. The company is fully aware that Disney already has the hearts and minds of millions of children around the world. They realize that unless they do something to bolster their parental controls feature set, they stand to lose ground to this latest entrant in the field of streaming video.

]]>https://www.zyrka.com/2018/03/19/netflix-to-release-more-parental-controls-to-help-parents/feed/0Microsoft To Help Intel With Security Issueshttps://www.zyrka.com/2018/03/17/microsoft-to-help-intel-with-security-issues/
https://www.zyrka.com/2018/03/17/microsoft-to-help-intel-with-security-issues/#respondSat, 17 Mar 2018 15:00:00 +0000https://www.zyrka.com/2018/03/17/microsoft-to-help-intel-with-security-issues/By now, you've almost certainly heard of the "Spectre" and "Meltdown" security flaws that affect every Intel chip produced in the last decade. Users have been waiting for a fix for ...]]>By now, you've almost certainly heard of the "Spectre" and "Meltdown" security flaws that affect every Intel chip produced in the last decade. Users have been waiting for a fix for both of these since January, when the issues were first discovered.

From the beginning, Microsoft agreed to include the fix for Spectre in its regular software updates but insisted that Intel and PC manufacturers would have to push the Meltdown fix on their own.

Unfortunately, the overwhelming majority of users are still waiting, and in the meantime, untold millions of machines are at risk. Intel's first attempt at a fix was so spectacularly bad that the company urged users not to install it until a better fix could be rolled out.

Intel has since released an updated fix, but few users have taken advantage of it so far. The reason is because most users simply don't know how. They're not aware that they have to go to Intel's website to manually download and install it, or wait for an OEM push, which could still be months away.

Given this reality and the extreme danger that Spectre poses, Microsoft has reversed course and agreed to make special Windows update releases that include the Spectre fix. The first such update, KB4090007, is now out and available to users.

There are two important caveats to be aware of, however:

These special updates will not be delivered automatically. Users will have to go to the Windows Update Catalog and select the appropriate package, then run it on their computers

The updates are available only for Windows 10, version 1709, and Windows Server, version 1709

The currently available package (KB4090007) is meant for Intel Skylake CPU owners only. Additional packages will be released over the course of the next few months.

]]>https://www.zyrka.com/2018/03/17/microsoft-to-help-intel-with-security-issues/feed/0Trustico CEO Leaks HTTPS Certificate Keys Through Emailhttps://www.zyrka.com/2018/03/16/trustico-ceo-leaks-https-certificate-keys-through-email/
https://www.zyrka.com/2018/03/16/trustico-ceo-leaks-https-certificate-keys-through-email/#respondFri, 16 Mar 2018 15:00:00 +0000https://www.zyrka.com/2018/03/16/trustico-ceo-leaks-https-certificate-keys-through-email/The CEO of Trustico, a TLS certificate reseller based in the United Kingdom, finds himself at the center of a controversy that raises a number of disturbing questions about browser-trusted security ...]]>The CEO of Trustico, a TLS certificate reseller based in the United Kingdom, finds himself at the center of a controversy that raises a number of disturbing questions about browser-trusted security certificates.

The email in question was sent to Jeremy Rowley, an executive Vice President at DigiCert. The catalyst that prompted the fateful email was that officials at Trustico notified DigiCert that 50,000 certificates originally issued by Symantec and resold by Trustico had been compromised and should be mass revoked due to security concerns.

Mr. Rowley, not wanting to take such drastic action without proof, asked for it. In response, Trustico's CEO emailed the private keys of 23,000 certificates, an action which drew shocked reactions from security professionals around the world when news of the email became public.

If you're not familiar with the inner workings of browser-trusted certificates, there are a few problems here. First, there's no good reason why a reseller should have a copy of the private keys to begin with. Second, even if that were the norm, to simply email them to a third party shows incredibly poor judgement, especially given that there's no evidence the email in question was encrypted. Third, customers used Trustico's website to generate their private keys, which is a service that should never even have been offered.

To make matters even worse, not long after news of the email hit the internet, Trustico's website went dark, when a security expert posted details about a critical vulnerability on the company's website. The flaw resides in a site feature that allows customers to confirm that certificates are properly installed. Unfortunately, Trustico's website had been compromised and any time a user would use the feature, the hackers could use the opportunity to run malicious code. It's a tangled web, and it paints everyone involved in a very bad light.

]]>https://www.zyrka.com/2018/03/16/trustico-ceo-leaks-https-certificate-keys-through-email/feed/0Another 2.4 Million Users Hacked In Equifax Breachhttps://www.zyrka.com/2018/03/15/another-2-4-million-users-hacked-in-equifax-breach/
https://www.zyrka.com/2018/03/15/another-2-4-million-users-hacked-in-equifax-breach/#respondThu, 15 Mar 2018 15:00:00 +0000https://www.zyrka.com/2018/03/15/another-2-4-million-users-hacked-in-equifax-breach/It looks like it's going to be another bad month for Equifax. The company just can't seem to get out of its own way. In 2017, the company announced a massive ...]]>It looks like it's going to be another bad month for Equifax. The company just can't seem to get out of its own way.

In 2017, the company announced a massive data breach that (it initially claimed) impacted some 140 million users. Several months after the official announcement, the company was forced to revise the number of impacted users upward, as the forensic investigation into the breach continued.

Now, the company has announced a further upward revision of 2.4 million, bringing the total number of impacted users to slightly more than 148 million.

Equifax CEO Paulino do Rego Barros Jr. had this to say about the announcement, which raised more than a few eyebrows:

"This is not about newly discovered stolen data. It's about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, making connections that enabled us to identify additional individuals."

As it did originally, the company has also announced that it would notify the newly identified consumers and offer them free credit monitoring and identity theft protection at no cost.

After last year's congressional hearings on the matter, this portion of the announcement tends to illicit eyerolls. The company is in the credit monitoring business, and the way the company offers its "free" protection is that at the end of the free period, it automatically rolls into a paid plan unless the user cancels the service.

Of course, as with most such schemes, a high percentage of users won't think about it until they get their first bill. One of the more acidic comments made during last year's hearings was that the company actually seems to be profiting from their own data breach. That makes the CEO's statement that "We are committed to regaining the trust of consumers, improving transparency, and enhancing security across our network" ring a bit hollow.

]]>https://www.zyrka.com/2018/03/15/another-2-4-million-users-hacked-in-equifax-breach/feed/0New Android OS To Improve Lower End Phoneshttps://www.zyrka.com/2018/03/14/new-android-os-to-improve-lower-end-phones/
https://www.zyrka.com/2018/03/14/new-android-os-to-improve-lower-end-phones/#respondWed, 14 Mar 2018 15:00:00 +0000https://www.zyrka.com/2018/03/14/new-android-os-to-improve-lower-end-phones/Google has another new product out. A slimmed down, streamlined version of the Android OS called "Go." Unfortunately, it's release didn't gather as much press as you'd expect when a new ...]]>Google has another new product out. A slimmed down, streamlined version of the Android OS called "Go." Unfortunately, it's release didn't gather as much press as you'd expect when a new OS is released. The reason for that is simple. The new, slimmer, sleeker Android Go was designed for low-end phones with limited storage capacity, which don't typically get much press either.

Despite the relative lack of fanfare, Android Go is an interesting app that deserves some attention, even if you don't own a low-end phone. At first glance, it's got a lot going for it, although it remains to be seen if users will embrace it and make full use of its capabilities.

The first major noteworthy difference between Go and the standard Android OS is the fact that it doesn't take up nearly as much space. Counting the OS itself and the Android default apps, the entire package requires just over 3GB, which is a significant space savings. This makes a real difference on low-end phones, which typically have no more than 8GB of storage to begin with.

Second, it comes with an app called "File Go" that offers users suggestions on files that can be moved to the cloud or safely removed altogether. Another app known as "Datally" makes tools available to manage how much data other apps on the phone are using, especially helpful for people who have limited data plans.

Third, there's a special "YouTube Go" version of the standard YouTube app that gives users three different video streaming options: basic, standard, and high quality. This comes with information about how much data each of the three options will eat up.

In addition to those changes, Google has added a special section to its Play Store, highlighting apps that don't require a lot of space.

Android Go is aimed specifically at users in developing nations, as this is where the highest concentration of low-end smartphones can be found. As to how successful the new OS will be, only time will tell, but early indications are encouraging.

]]>https://www.zyrka.com/2018/03/14/new-android-os-to-improve-lower-end-phones/feed/0Mi-Cam Baby Monitor Video Feeds Vulnerable To Hackinghttps://www.zyrka.com/2018/03/13/mi-cam-baby-monitor-video-feeds-vulnerable-to-hacking/
https://www.zyrka.com/2018/03/13/mi-cam-baby-monitor-video-feeds-vulnerable-to-hacking/#respondTue, 13 Mar 2018 15:00:00 +0000https://www.zyrka.com/2018/03/13/mi-cam-baby-monitor-video-feeds-vulnerable-to-hacking/Do you have a Mi-Cam in your home? Even if you don't have kids, you may have one. They're a highly popular, inexpensive means of keeping tabs on the comings and ...]]>Do you have a Mi-Cam in your home? Even if you don't have kids, you may have one. They're a highly popular, inexpensive means of keeping tabs on the comings and goings inside your home when you're not around.

As with so many such devices these days, users have the option of installing either an Android or iOS app on their phones so they can peek in remotely, any time they like, and therein lies the problem.

It's no secret that the IoT is filled with "smart" devices that don't live up to their name when it comes to security, and the Mi-Cam is no exception. Security researchers have discovered that the communications between the company's cloud servers where the video feeds live and the smartphones of the product's user based are not secure.

So far, six different vulnerabilities have been identified, all of them critical. Any one of them would allow a hacker to hijack the window into your video feed and use that to scroll through literally every video feed on the company's cloud, regardless of who owns it. All told, that's more than fifty thousand video feeds, accessible from a single point of entry.

It gets worse. The attack is trivial to perform, because no SSL certificate is needed. All that's required is a copy of either the Android or iOS mobile app.

The manufacturer of the Mi-Cam has been notified of these critical security flaws, but as of now, none have been addressed. The company has not released any information about when they might be. In light of that, if you have one, your best bet is to simply stop using it until the company can at least employ some rudimentary security protocols.

]]>https://www.zyrka.com/2018/03/13/mi-cam-baby-monitor-video-feeds-vulnerable-to-hacking/feed/0Intel Releases New Patch For Spectre Chip Issuehttps://www.zyrka.com/2018/03/12/intel-releases-new-patch-for-spectre-chip-issue/
https://www.zyrka.com/2018/03/12/intel-releases-new-patch-for-spectre-chip-issue/#respondMon, 12 Mar 2018 15:00:00 +0000https://www.zyrka.com/2018/03/12/intel-releases-new-patch-for-spectre-chip-issue/By now, you've probably heard more than you ever wanted to hear about the critical Intel security flaw known as "Spectre." The flaw is massive in scope and scale, impacting every ...]]>By now, you've probably heard more than you ever wanted to hear about the critical Intel security flaw known as "Spectre." The flaw is massive in scope and scale, impacting every chip that Intel has released over the past decade, and if exploited, would allow a hacker to take complete control over the vulnerable system. Needless to say, once discovered, the company got to work right away on a fix for the issue.

Unfortunately, there were problems. Whatever form the fix ultimately took, it was going to mean a performance hit to any machine receiving the update. Early estimates were that performance could be degraded by between 17 and 24 percent.

As it turns out, things were worse than expected. Intel's first attempt at patching the issue can only be described as a catastrophic failure, causing updated systems to spontaneously reboot multiple times a day and ruining performance. The problem got so bad that the company formally recommended not installing the patch and waiting for a better one to be developed.

That better patch is now available, and has been extensively tested to avoid the problems that plagued the release of the first patch. If you're running a machine that uses Intel's sixth, seventh, or eighth generation processor (Kaby Lake, Coffee Lake, or Skylake), or if you're using a machine running an X-series processor, you should have already received the update via OEM firmware push. If not, now is the time to grab it.

While it's true that we've seen worse bugs and flaws than Spectre, this is as bad as anything we've seen recently. Given how many Intel-based machines there are out there in the wild, the problem posed by Spectre couldn't get much bigger. Don't leave yourself vulnerable. Get the update today.

]]>https://www.zyrka.com/2018/03/12/intel-releases-new-patch-for-spectre-chip-issue/feed/0High Speed Wireless Coming To Laptops Next Yearhttps://www.zyrka.com/2018/03/10/high-speed-wireless-coming-to-laptops-next-year/
https://www.zyrka.com/2018/03/10/high-speed-wireless-coming-to-laptops-next-year/#respondSat, 10 Mar 2018 16:00:00 +0000https://www.zyrka.com/2018/03/10/high-speed-wireless-coming-to-laptops-next-year/If you're in the market for a new laptop but can milk a little more life out of the one you've got, 2019 will be the year to buy. The reason? ...]]>If you're in the market for a new laptop but can milk a little more life out of the one you've got, 2019 will be the year to buy. The reason? 5G. AT&T is slated to become the first carrier to offer 5G network connectivity to small segments of its customer base this year (starting in Atlanta, Dallas, and Waco, and then slowly spreading to other areas).

While they'll be the first, it's not hard to imagine that their competitors will be hot on their heels, and all the major PC and laptop manufacturers are keenly aware of this. That's why Microsoft, Lenovo, HP, Dell, and Intel have all announced that the first 5G-enabled PCs will become available sometime in mid to late 2019, in a bid to take advantage of the awesome new capabilities that 5G promises to make a reality.

While Intel missed the 4G opportunity, the company has every intention of being front and center in the 5G revolution.

In fact, the company had this to say when it made its announcement earlier this week:

"Intel is investing deeply across its wireless portfolio and partners to bring 5G-connected mobile PCs to market, with benefits for users like high quality video on-the-go, high-end gaming, and seamless connections as users traverse WiFi and Cellular networks."

All true, and a widespread 5G network would truly be a game changer. The problem though, is that 5G has a bit of an image problem. It has long been considered the Holy Grail of wireless networking, and Intel and other companies have been hyping its many advantages for years.

The difference of course is that now, companies have the technical capabilities to make it all real, and have firm timetables in place for a rollout, neither of which were true in the past. Even so, 5G now has to swim against a bit of a tide of its own making as it draws closer to becoming reality.

]]>https://www.zyrka.com/2018/03/10/high-speed-wireless-coming-to-laptops-next-year/feed/0Google Calls Out Microsoft For Security Issuehttps://www.zyrka.com/2018/03/09/google-calls-out-microsoft-for-security-issue/
https://www.zyrka.com/2018/03/09/google-calls-out-microsoft-for-security-issue/#respondFri, 09 Mar 2018 16:00:00 +0000https://www.zyrka.com/2018/03/09/google-calls-out-microsoft-for-security-issue/Depending on who you ask, Google's Project Zero is either the thing that's going to singlehandedly save the internet, or the bane of many companies' existence. It's easy to see both ...]]>Depending on who you ask, Google's Project Zero is either the thing that's going to singlehandedly save the internet, or the bane of many companies' existence. It's easy to see both sides of the argument.

On one hand, by uncovering previously undiscovered bugs in all manner of software and handing that information over to the authors, Google is undeniably performing a valued public service. The problem has never been with the "carrot" side of the equation, always with the stick.

The stick is this: Google gives each company 90 days in which to address the bug. If they take no action during that time, then Google will announce the existence of the bug to the world, which of course, means that hackers everywhere immediately have access to a new exploit.

This approach often accomplishes what contacting the vendor privately does not. Once the bug becomes common knowledge, the company in question is essentially forced to fix the problem, thus making the internet safer.

It should be noted that Google does allow exemptions to the 90-day rule. If a company is hard at work on a fix and needs more time, Google has been known to delay their announcement. In a similar vein, if a bug is simply catastrophic in scope and scale, the company has been known to make the announcement to help deploy resources of multiple companies toward addressing the issue.

More than 90 days ago, the Project Zero team discovered a pair of security flaws in Microsoft products. One in their Edge browser, and the other in the Windows 10 OS. One of the two got fixed. The other did not, and Google called them out for it.

Needless to say, Microsoft is not pleased, and they have hit Google back for such behavior in the past. They scored a PR victory last year when Microsoft engineers discovered a flaw in Google's Chrome browser, and contacted the company privately so they could fix the issue and then bragged about their more responsible approach after the fact.

]]>https://www.zyrka.com/2018/03/09/google-calls-out-microsoft-for-security-issue/feed/05G Cellular Service Is Beginning To Roll Outhttps://www.zyrka.com/2018/03/08/5g-cellular-service-is-beginning-to-roll-out/
https://www.zyrka.com/2018/03/08/5g-cellular-service-is-beginning-to-roll-out/#respondThu, 08 Mar 2018 16:00:00 +0000https://www.zyrka.com/2018/03/08/5g-cellular-service-is-beginning-to-roll-out/AT&T has big plans for their future and yours. If they're your carrier of choice, and if you live in the cities of Dallas, Atlanta, or Waco, then you stand to ...]]>AT&T has big plans for their future and yours. If they're your carrier of choice, and if you live in the cities of Dallas, Atlanta, or Waco, then you stand to be on the cutting edge of the changes the company has in store. Those locations have been selected to be the first to receive AT&T's 5G network upgrade.

Often, whenever a new technology is touted, you hear the phrase "this changes everything" associated with it. However, after listening to an AT&T spokesman talk at length about the capabilities of the new 5G network, the phrase is much more than just hot air and wishful thinking. From the sounds of it, it really does change everything.

Here's what a company official had to say on the matter:

"We are working with our vendors on an aggressive schedule to help ensure customers can enjoy 5G when we launch the network this year. We will add more 5G-capable mobile devices and smartphones in early 2019 and beyond.

After significantly contributing to the first phase of 5G standards, conducting multi-city trials, and literally transforming our network for the future, we're planning to be the first carrier to deliver standards-based mobile 5G--and do it much sooner than most people thought possible.

What this means for our customers in these cities is that they will be the very first to access this next generation of wireless services. The experience we've gained by leading the industry transformation to network virtualization and software control will help our customers to get the most out of 5G. Ultimately, this means new experiences with augmented reality and virtual reality (AR/VR), future autonomous cars and delivery drones.

In order for these new experiences to become reality, you need mobile 5G powered by SDN and edge computing. We're making the cloud smarter, faster, and local."

By all accounts, there are exciting times ahead. If you've been thinking about switching to AT&T, this might be a good reason to do so.